IMA: include specific library in BPRM_CHECK
Hello,
After booting with ima=on, ima_policy=tcb, I think the default policy contains also:
measure func=BPRM_CHECK
Now I need to include only specific library for this check.
Can you please tell what is the exact syntax :
echo "measure ...." > /sys/kernel/security/ima/policy
The goal is to defend the rootfs from files modification by hacker.
Thank you,
Zvika